X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/a3ead5062acc169ae3486d90ac2befe3db86bfe6..refs/pull/4191/head:/app/Http/Controllers/RoleController.php diff --git a/app/Http/Controllers/RoleController.php b/app/Http/Controllers/RoleController.php index 25b2a5851..6d397bdae 100644 --- a/app/Http/Controllers/RoleController.php +++ b/app/Http/Controllers/RoleController.php @@ -3,18 +3,18 @@ namespace BookStack\Http\Controllers; use BookStack\Auth\Permissions\PermissionsRepo; +use BookStack\Auth\Queries\RolesAllPaginatedAndSorted; +use BookStack\Auth\Role; use BookStack\Exceptions\PermissionsException; +use BookStack\Util\SimpleListOptions; use Exception; use Illuminate\Http\Request; use Illuminate\Validation\ValidationException; class RoleController extends Controller { - protected $permissionsRepo; + protected PermissionsRepo $permissionsRepo; - /** - * PermissionController constructor. - */ public function __construct(PermissionsRepo $permissionsRepo) { $this->permissionsRepo = $permissionsRepo; @@ -23,22 +23,49 @@ class RoleController extends Controller /** * Show a listing of the roles in the system. */ - public function index() + public function index(Request $request) { $this->checkPermission('user-roles-manage'); - $roles = $this->permissionsRepo->getAllRoles(); - return view('settings.roles.index', ['roles' => $roles]); + $listOptions = SimpleListOptions::fromRequest($request, 'roles')->withSortOptions([ + 'display_name' => trans('common.sort_name'), + 'users_count' => trans('settings.roles_assigned_users'), + 'permissions_count' => trans('settings.roles_permissions_provided'), + 'created_at' => trans('common.sort_created_at'), + 'updated_at' => trans('common.sort_updated_at'), + ]); + + $roles = (new RolesAllPaginatedAndSorted())->run(20, $listOptions); + $roles->appends($listOptions->getPaginationAppends()); + + $this->setPageTitle(trans('settings.roles')); + + return view('settings.roles.index', [ + 'roles' => $roles, + 'listOptions' => $listOptions, + ]); } /** * Show the form to create a new role. */ - public function create() + public function create(Request $request) { $this->checkPermission('user-roles-manage'); - return view('settings.roles.create'); + /** @var ?Role $role */ + $role = null; + if ($request->has('copy_from')) { + $role = Role::query()->find($request->get('copy_from')); + } + + if ($role) { + $role->display_name .= ' (' . trans('common.copy') . ')'; + } + + $this->setPageTitle(trans('settings.role_create')); + + return view('settings.roles.create', ['role' => $role]); } /** @@ -47,48 +74,51 @@ class RoleController extends Controller public function store(Request $request) { $this->checkPermission('user-roles-manage'); - $this->validate($request, [ + $data = $this->validate($request, [ 'display_name' => ['required', 'min:3', 'max:180'], - 'description' => 'max:180', + 'description' => ['max:180'], + 'external_auth_id' => ['string'], + 'permissions' => ['array'], + 'mfa_enforced' => ['string'], ]); - $this->permissionsRepo->saveNewRole($request->all()); - $this->showSuccessNotification(trans('settings.role_create_success')); + $data['permissions'] = array_keys($data['permissions'] ?? []); + $data['mfa_enforced'] = ($data['mfa_enforced'] ?? 'false') === 'true'; + $this->permissionsRepo->saveNewRole($data); return redirect('/settings/roles'); } /** * Show the form for editing a user role. - * - * @throws PermissionsException */ public function edit(string $id) { $this->checkPermission('user-roles-manage'); $role = $this->permissionsRepo->getRoleById($id); - if ($role->hidden) { - throw new PermissionsException(trans('errors.role_cannot_be_edited')); - } + + $this->setPageTitle(trans('settings.role_edit')); return view('settings.roles.edit', ['role' => $role]); } /** * Updates a user role. - * - * @throws ValidationException */ public function update(Request $request, string $id) { $this->checkPermission('user-roles-manage'); - $this->validate($request, [ + $data = $this->validate($request, [ 'display_name' => ['required', 'min:3', 'max:180'], - 'description' => 'max:180', + 'description' => ['max:180'], + 'external_auth_id' => ['string'], + 'permissions' => ['array'], + 'mfa_enforced' => ['string'], ]); - $this->permissionsRepo->updateRole($id, $request->all()); - $this->showSuccessNotification(trans('settings.role_update_success')); + $data['permissions'] = array_keys($data['permissions'] ?? []); + $data['mfa_enforced'] = ($data['mfa_enforced'] ?? 'false') === 'true'; + $this->permissionsRepo->updateRole($id, $data); return redirect('/settings/roles'); } @@ -105,6 +135,8 @@ class RoleController extends Controller $blankRole = $role->newInstance(['display_name' => trans('settings.role_delete_no_migration')]); $roles->prepend($blankRole); + $this->setPageTitle(trans('settings.role_delete')); + return view('settings.roles.delete', ['role' => $role, 'roles' => $roles]); } @@ -119,15 +151,14 @@ class RoleController extends Controller $this->checkPermission('user-roles-manage'); try { - $this->permissionsRepo->deleteRole($id, $request->get('migrate_role_id')); + $migrateRoleId = intval($request->get('migrate_role_id') ?: "0"); + $this->permissionsRepo->deleteRole($id, $migrateRoleId); } catch (PermissionsException $e) { $this->showErrorNotification($e->getMessage()); return redirect()->back(); } - $this->showSuccessNotification(trans('settings.role_delete_success')); - return redirect('/settings/roles'); } }